[dns-operations] Signing of the ARPA zone
Mark Andrews
marka at isc.org
Fri Mar 26 20:36:36 UTC 2010
In message <19373.781.686985.424732 at macsl.switch.ch>, Simon Leinen writes:
>
> So it might make sense to investigate whether it would have been
> possible to avoid or mitigate this issue somehow - maybe by reducing
> the TTL of some record(s) in preparation of publishing the keys.
It could have almost certainly been reduced by having a small ttl
for the DNSKEY and/or negative responses from the zone. Which we
will know once we have done a full analysis. And yes, I expect
that we will publish it once it is done.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations
mailing list